[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

PAM and shadow

I was looking at modifying lockvc to use PAM the other day. lockvc is a
terminal locking program that uses svgalib to show some nice graphics.
Like all svgalib programs it drops it root priviledges after
initializing the graphic system. As a result when a user tries to unlock
his system lockvc no longer can read /etc/shadow and PAM gives an error.

The standard solution I use is to open /etc/shadow before dropping the
root priviledges and later use fgetpwent() to get the shadow passwords.
I looked at the PAM sources to see if I could make a PAM module which
does that, but I found that apparently there is no method for a module
to be initialized when pam_start() is called.

Is there any solution to this problem, besides adding an initialization
function to the pam_module (hope I remembered the name correctly) struct?


This combination of bytes forms a message written to you by Wichert Akkerman.
E-Mail: wakkerma@cs.leidenuniv.nl
WWW: http://www.wi.leidenuniv.nl/~wichert/

Attachment: pgp00000.pgp
Description: PGP signature

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []